Hosting 1000s of static sites

0

I am building an app that lets users create their own websites. My initial idea for the infrastructure was:

  • Create S3 bucket configured as static site for a user
  • Register domain with Route53, record pointing at bucket
  • User publishes html & assets to their bucket

I am now realizing AWS discourages this by limiting buckets (1000), limiting domains (20), and generally seeming to not want you to obfuscate their services behind your own (makes sense). Any other high-level architecture ideas that will allow me to serve files from S3 as a series of small, fast static websites? I would like to use Cloudflare/CloudFront and gracefully handle SSL as well.

2 Answers
2
Accepted Answer

All the limits you talk about can be changed by AWS. Often this is just a matter of filing a support ticket detailing your business case and it is arranged within minutes.

If the number of Route53 domains will not be stretched by AWS to suit your business case, you can always start using an external DNS provider like transip.

Anyway, the DNS records can all point to the domain of one CloudFront distribution. You can use a CloudFront Lambda@Edge function (origin request) to insert the domain name (that comes from the DNS record) into the origin path.

The origin could well be just one S3 bucket holding the data of all your customers; each customer uses his domain as a prefix into the bucket.

You would need to put in place some security controls to keep each customer's data safe.

Caution: be aware that CloudFront can cache content and serve stale content!

JaccoPK
answered 2 years ago
AWS
EXPERT
Toni_S
reviewed 2 years ago
1

I just want to add that @JaccoPK's recommendation is exactly how I would handle this.

Store all of your sites in individual directories in the same S3 bucket, and use a bucket policy that requires 1) all requests to come through CloudFront, and 2) each directory requires a unique (per site) secret request header.

Use a single CF distribution and add all of your client hostnames as aliases. Then in your default cache behavior, associate an origin request Lambda@Edge function that looks for the incoming hostname and routes the traffic to the appropriate S3 bucket and directory, plus injects the required secret request header for that site. One more thing to be aware of is, as JaccoPK mentioned, CloudFront caches content; this is by design. You will want to make sure that requests for site1 index.html do not get cached for site2, etc. Make sure to include the host header in the cache policy cache key settings.

For DNS, configure all of your CNAMEs in Route53 to point to the domain name of the CF distro that you created.

That should do the trick.

AWS
answered 2 years ago
AWS
EXPERT
Toni_S
reviewed 2 years ago
  • Thanks! I have this all set up now and it works. My one concern is a Cloudflare distro only takes 1 SSL certificate and SSL certificates are limited to 10 domain names. I can get the limit raised but it still seems like a nightmare to automate issuing a new certificate and adding it and the new hostname to the Cloudflare distribution every time a new site is added. Not to mention that would likely cause downtime.

  • Hello. Any updates on the SSL limitation problem? I'm facing the same issue now and looking for a solution.
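
The origin-request routing that both answers describe, as an added example (not code from either answer or from AWS): it maps the viewer's hostname to a per-site prefix through an exact-match allowlist, injects that site's secret header, and refuses unknown hosts. The hostnames, secret values, the header name `x-site-secret` and the bucket domain are constructed placeholders, and it assumes the Host header is in the cache key so the function sees the viewer's hostname.

```javascript
'use strict';

// Constructed tenant table: hostname -> S3 prefix and per-site secret.
// Hostnames and secrets are placeholders; Lambda@Edge has no environment
// variables, so real values are bundled with the code or fetched at runtime.
const SITES = new Map([
  ['site1.example.com', { prefix: '/site1.example.com', secret: 'PLACEHOLDER-SECRET-1' }],
  ['site2.example.com', { prefix: '/site2.example.com', secret: 'PLACEHOLDER-SECRET-2' }],
]);

// Hypothetical header name; use whichever header your bucket policy checks.
const SECRET_HEADER = 'x-site-secret';

// Generated response that short-circuits the request at the edge.
const deny = (status, text) => ({ status, statusDescription: text, body: text });

// Pure routing step for the cf.request object of an origin-request event.
// Returns the modified request, or a generated 403 for unknown hosts.
function routeRequest(request) {
  const raw = request.headers.host?.[0]?.value ?? '';
  const host = raw.toLowerCase().replace(/:\d+$/, '').replace(/\.$/, '');

  // Exact-match allowlist: the Host value is never copied into the origin
  // path, so a request can only ever reach the prefix of a known tenant.
  const site = SITES.get(host);
  if (!site) return deny('403', 'Forbidden');

  const s3 = request.origin.s3;
  s3.path = site.prefix; // CloudFront prepends the origin path to the URI
  s3.customHeaders = {
    ...s3.customHeaders,
    [SECRET_HEADER]: [{ key: SECRET_HEADER, value: site.secret }],
  };

  // The Host header has done its job (routing and cache key); S3 expects
  // the bucket's own hostname, so reset it before the origin fetch.
  request.headers.host = [{ key: 'Host', value: s3.domainName }];
  if (request.uri.endsWith('/')) request.uri += 'index.html';
  return request;
}

const handler = async (event) => routeRequest(event.Records[0].cf.request);
if (typeof module !== 'undefined') module.exports = { handler };
```

Because the secret is attached as an origin custom header inside the function, it is never taken from or exposed to the viewer; a viewer-supplied header of the same name does not select a site.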
